Organisations looking to protect themselves from liability and serious decision-making errors need to address the forgotten side of information management: the human, or cultural, element.
According to information management and eBusiness consultancy iFocus, cultural issues are often the root cause of compliance problems such as leaked confidential information, and disastrous process-related events resulting from misinterpretation of information.
Jason Kaminski of iFocus urges organisations to build a culture of 'information literacy': an 'information literate' person understands the fundamental cultural, ethical, economic, legal and social issues surrounding the creation, use and distribution of information.
"Most employees are expected to create, use and manage information and make informed decisions. An information literacy framework should be standard for all people involved in the information lifecycle throughout an organisation.
"A common mistake is for business units to rely on IT departments to manage information, without enough emphasis on building information literacy throughout the whole organisation."
Mr Kaminski said that successfully managing information requires a focus on two very different areas: technical tools and human behaviour.
Many organisations place too much reliance on the technical side, and are literally inundated with technologies for storing and managing structured data, said Mr Kaminski. "Database management principles have been around for a long time, and are usually founded on tested theoretical models. Repositories of unstructured data, such as human communications, documents and images present a greater challenge because it is difficult to model human expression, thinking and language in a purely theoretical way.
"Business rules and procedures provide governance for managing information, but it is the people's ability to understand and interpret those rules that often fails."
In some cases, this will have disastrous results. A 'worst case scenario' Mr Kaminski cites is the infamous 1988 Piper Alpha oil rig disaster, which claimed 167 lives. A subsequent enquiry found that documentation systems for managing technical maintenance were in place, but that they were not followed or properly monitored. There was also a fatal flaw in the design of the permit-to-work system, which no-one recognised until it was too late.
Avoidable privacy breaches, where confidential information is accidentally disclosed to the public, also present a considerable risk to most organisations. The recent local controversy surrounding improper access to Victoria's police database shows the damage leaked information can cause.
"A common reaction is to invest in more technology or to throw even more information at a problem. Organisations can reduce the risk of improper use of information more effectively by increasing their commitment to human information literacy", Mr Kaminski said.
Organisations can protect themselves from making major errors of judgment by establishing rules and systems that govern information use and management, and by appointing a governance team to manage these rules. But to be sure of success, Mr Kaminski believes that organisations must consider their overall information management capability as an integral aspect of their organisational culture.
In particular, the cultural side of information management should be included in disaster recovery and business continuity planning. "I am amazed that many organisations still overlook the complete picture when it comes to disaster recovery.
"An organisation will often take steps to perform the usual data and systems backup, but forget to protect the cultural knowledge needed to make the information accessible, usable and governable."
In this way, information literacy assists with both prevention and cure of disaster, according to Mr Kaminski, who believes that the benefits of information literacy far outweigh the planning effort required to achieve it. "Information literacy standards can be built into induction training and learning initiatives, and included in position descriptions and performance reviews, and so on."
Organisations remaining information 'illiterate' not only remain vulnerable to liability; they position themselves for data overload. "Data overload is obviously a by-product of an information-based economy. But you can't solve information management problems by producing more information or building a new system. Sometimes less is more.
"Rather than feeding an addiction to information, we need to find ways of using the information and systems we already have more wisely."
For more information, please contact iFocus.
Related information: